Skip to content

Commit

Permalink
Merge pull request #6734 from eclipse/jetty-9.3.x-6072-backport-large…
Browse files Browse the repository at this point in the history
…-tls-fix

Issue #6072 - backport of minimum fix for jetty-9.3.x
  • Loading branch information
joakime authored Sep 20, 2021
2 parents b0fc078 + 2112daf commit c3d3540
Show file tree
Hide file tree
Showing 3 changed files with 87 additions and 3 deletions.
13 changes: 13 additions & 0 deletions jetty-io/src/main/java/org/eclipse/jetty/io/ssl/SslConnection.java
Original file line number Diff line number Diff line change
Expand Up @@ -741,6 +741,19 @@ else if (_decryptedInput == null)
throw new IllegalStateException("Unexpected unwrap result " + unwrapResultStatus);

case BUFFER_UNDERFLOW:
// Continue if we can compact?
if (BufferUtil.compact(_encryptedInput))
break decryption; // to cause fill again.

// Are we out of space?
if (BufferUtil.space(_encryptedInput) == 0)
{
BufferUtil.clear(_encryptedInput);
throw new SSLHandshakeException("Encrypted buffer max length exceeded");
}

_underFlown = true;
// Fall through to OK case.
case OK:
{
if (unwrapHandshakeStatus == HandshakeStatus.FINISHED)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@
package org.eclipse.jetty.server.ssl;

import static org.hamcrest.Matchers.greaterThan;
import static org.hamcrest.Matchers.lessThan;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertThat;
Expand All @@ -39,20 +40,32 @@
import java.net.SocketException;
import java.net.SocketTimeoutException;
import java.net.URL;
import java.nio.ByteBuffer;
import java.util.Arrays;
import java.util.concurrent.atomic.AtomicLong;

import javax.net.SocketFactory;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.eclipse.jetty.io.EndPoint;
import org.eclipse.jetty.io.ssl.SslConnection;
import org.eclipse.jetty.server.ConnectionFactory;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.server.handler.AbstractHandler;
import org.eclipse.jetty.toolchain.test.MavenTestingUtils;
import org.eclipse.jetty.util.IO;
Expand Down Expand Up @@ -92,7 +105,7 @@ public class SSLEngineTest

private Server server;
private ServerConnector connector;

private SslContextFactory sslContextFactory;

@Before
public void startServer() throws Exception
Expand Down Expand Up @@ -178,6 +191,61 @@ public void testBigResponse() throws Exception
assertThat(response.length(),greaterThan(102400));
}

@Test
public void testInvalidLargeTLSFrame() throws Exception
{
AtomicLong unwraps = new AtomicLong();
ConnectionFactory http = connector.getConnectionFactory(HttpConnectionFactory.class);
ConnectionFactory ssl = new SslConnectionFactory(sslContextFactory, http.getProtocol())
{
@Override
protected SslConnection newSslConnection(Connector connector, EndPoint endPoint, SSLEngine engine)
{
return new SslConnection(connector.getByteBufferPool(), connector.getExecutor(), endPoint, engine, isDirectBuffersForEncryption(), isDirectBuffersForDecryption())
{
@Override
protected SSLEngineResult unwrap(SSLEngine sslEngine, ByteBuffer input, ByteBuffer output) throws SSLException
{
unwraps.incrementAndGet();
return super.unwrap(sslEngine, input, output);
}
};
}
};
ServerConnector tlsConnector = new ServerConnector(server, 1, 1, ssl, http);
server.addConnector(tlsConnector);
server.setHandler(new HelloWorldHandler());
server.start();

// Create raw TLS record.
byte[] bytes = new byte[20005];
Arrays.fill(bytes, (byte)1);

bytes[0] = 22; // record type
bytes[1] = 3; // major version
bytes[2] = 3; // minor version
bytes[3] = 78; // record length 2 bytes / 0x4E20 / decimal 20,000
bytes[4] = 32; // record length
bytes[5] = 1; // message type
bytes[6] = 0; // message length 3 bytes / 0x004E17 / decimal 19,991
bytes[7] = 78;
bytes[8] = 23;

SocketFactory socketFactory = SocketFactory.getDefault();
try (Socket client = socketFactory.createSocket("localhost", tlsConnector.getLocalPort()))
{
client.getOutputStream().write(bytes);

// Sleep to see if the server spins.
Thread.sleep(1000);
assertThat(unwraps.get(), lessThan(128L));

// Read until -1 or read timeout.
client.setSoTimeout(1000);
IO.readBytes(client.getInputStream());
}
}

@Test
public void testRequestJettyHttps() throws Exception
{
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -18,8 +18,6 @@

package org.eclipse.jetty.websocket.client;

import static org.hamcrest.Matchers.*;

import java.net.URI;
import java.util.Collection;
import java.util.Set;
Expand All @@ -35,8 +33,13 @@
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Ignore;
import org.junit.Test;

import static org.hamcrest.Matchers.is;
import static org.hamcrest.Matchers.notNullValue;

@Ignore // not reliable on 9.3.x (fixed in 9.4.x)
public class SessionTest
{
private BlockheadServer server;
Expand Down

0 comments on commit c3d3540

Please sign in to comment.